[82284] in North American Network Operators' Group
Re: E-Mail authentication fight looming: Microsoft pushing Sender
daemon@ATHENA.MIT.EDU (Todd Vierling)
Mon Jul 11 13:04:04 2005
Date: Mon, 11 Jul 2005 13:00:04 -0400 (EDT)
From: Todd Vierling <tv@duh.org>
To: Suresh Ramasubramanian <ops.lists@gmail.com>
Cc: trainier@kalsec.com, nanog@merit.edu
In-Reply-To: <bb0e440a050709190967627f83@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
On Sun, 10 Jul 2005, Suresh Ramasubramanian wrote:
> > > The second issue with boycotting, is the false positives.
> >
> > No, the *point* of the boycott is the "false positives". ISPs *will* react
> > when their general users find themselves unable to send e-mail because the
> > entire netspace of the offending ISP is blocked (boycotted).
>
> It depends, of course, on who is doing the spam filtering.
>
> I've seen several people I respect, doing good and sensible filtering
> that is as surgical as possible, but remarkably effective given that
> this filtering is applied at 800 lb gorilla sites.
Which is exactly what I said, too. One particular gorilla has at least
started to enforce long-established RFC "standards" that most folks blindly
ignored out of laziness for years.
> I've also seen some people, with root and/or enable on remarkably
> large networks, who don't realize that good spam filtering is not just
> knowing the syntax for "access list 101 deny" or "vi /etc/mail/access,
> then makemap hash access.db < access"., and who I wouldn't trust to be
> postmaster@etch-a-sketch, let alone on a production cluster of
> mailservers.
And this is the problem -- but then, such miserably inept admins are usually
also responsible for the *outflow*, and are thus working for a highly
intersecting set of ISPs that should be targeted for escalation, "collateral
damage", "false positive" blocking in order to get them to wake up and read
documentation for once....
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>
